Encrypting and storing a password in the web.config file

Time: 2022-09-05 20:20:25

I have the following information in my web.config file.

<appSettings>
<add key="AdminUsername" value="User1"/>
<add key="AdminPassword" value="Password1"/>
</appSettings>

How do I encrypt it and store it? How do I decrypt and use it?

2 solutions

#1


2  

Kindly refer to the article - http://msdn.microsoft.com/en-us/library/k6h9cz8h%28v=vs.80%29.aspx

The command is:

aspnet_regiis.exe -pe "appSettings" -site "MySharePoint" -app "/"

where MySharePoint is a Virtual Directory. The web.config file should be inside the directory too.

#2


1  

The drawback of encrypting configuration sections using aspnet_regiis or the equivalent APIs is that it encrypts entire sections.

Good from a security perspective, but it makes it more difficult for an administrator to inspect other non-sensitive configuration data in the same section. appSettings is a section which an administrator will often want to inspect.

One option is to put your credentials in a different section (e.g. create a dummy connection string in the <connectionStrings> section) and encrypt only this section:

<connectionStrings>
   ...
   <add name="AdminCredentials"
        providerName=""
        connectionString="Username=...;Password=..." />
</connectionStrings>

You will of course have to write code to parse the dummy connection string (String.Split) and extract the credentials. Something like the following (omitting error handling for simplicity):

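// Requires: using System.Configuration;
string s = ConfigurationManager.ConnectionStrings["AdminCredentials"].ConnectionString;
// Split "Username=...;Password=..." into its two name=value pairs
string[] tokens = s.Split(';');
// Limit each split to two parts so a value containing '=' is kept whole
string userName = tokens[0].Split(new[] { '=' }, 2)[1];
string password = tokens[1].Split(new[] { '=' }, 2)[1];
...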

By doing this, you can leave your appSettings section unencrypted.
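
Added example, not part of the answer above: the dummy connection string parsed with error handling, using the framework's DbConnectionStringBuilder so that quoted values may contain ';' or '='. The AdminCredentials and Demo types and the sample string are hypothetical and constructed for illustration.

```csharp
using System;
using System.Data.Common;

// Added illustration; AdminCredentials and its members are hypothetical names.
public sealed class AdminCredentials
{
    public string UserName { get; private set; }
    public string Password { get; private set; }

    // Parses "Username=...;Password=..." with the framework's own
    // connection-string parser, so quoted values may contain ';' or '='.
    public static AdminCredentials Parse(string connectionString)
    {
        if (string.IsNullOrWhiteSpace(connectionString))
            throw new ArgumentException("Credential string is empty.");

        var builder = new DbConnectionStringBuilder();
        builder.ConnectionString = connectionString; // throws ArgumentException if malformed

        return new AdminCredentials
        {
            UserName = Required(builder, "Username"),
            Password = Required(builder, "Password")
        };
    }

    private static string Required(DbConnectionStringBuilder builder, string key)
    {
        object value;
        if (!builder.TryGetValue(key, out value) || string.IsNullOrEmpty(value as string))
            // Name only the missing key; never echo the string, it holds the secret.
            throw new FormatException("Missing '" + key + "' in credential string.");
        return (string)value;
    }
}

public static class Demo
{
    public static void Main()
    {
        // Constructed sample value; in the application this would come from
        // ConfigurationManager.ConnectionStrings["AdminCredentials"].ConnectionString.
        var creds = AdminCredentials.Parse("Username=User1;Password=\"pa;ss=word1\"");
        Console.WriteLine(creds.UserName);
        Console.WriteLine(creds.Password.Length);
    }
}
```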
